This should work vaguely the same way that `twisted.web.vhost.VHostMonsterResource` works.

2

3

- `Request.getHost()` should return the forwarded-for host rather than the `Host:`.

4

- `Request.isSecure` should return the security of the [http://tools.ietf.org/html/draft-petersson-forwarded-for-02#section-5.4 proto] parameter

5

6

Like `VHostMonster`, there should be some configuration required to get into this mode. One mechanism for doing that would be to have a `ForwardedForParserResource`; however, since the connecting address is quite important, it may also be reasonable to build this directly into `Site`. Trusting random forwarded-for headers off the internet would not be good, so it should be easy to specify what the address of the expected terminating proxy is.

7

8

Also, forwarded-for is a bit more expressive than the vhostmonster idiom in that it can describe multiple hops. This additional information should be exposed through an explicit API - perhaps a new `forwardedFor` method on Resource that returns an iterable of objects describing the hosts that it was forwarded through.

2

9

3

10

See #5806, http://tools.ietf.org/html/draft-petersson-forwarded-for-02